Tuesday, February 20, 2007

Security Breaches: Lack of Communication is Giving Consumers the Shaft

Has anyone noticed a disturbing pattern in security breaches at major U.S. companies?

Due to slow – and even deliberate – delayed communications, consumers are getting the shaft.

The most recent case flared up in mid-January when TJX Cos., a Framingham, Mass. retailer that runs T.J. Maxx, Marshalls, Home Goods and other stores, disclosed a data theft that exposed millions of customer credit and debit card numbers.

Like several past instances, consumers were NOT notified right away. In the case of TJX, the company waited about a month. A couple of years ago when Bank of America had some computer tapes stolen, it waited two months to notify customers.

Even the U.S. government waited several weeks before disclosing someone had walked off with a government-owned laptop containing Social Security information for 25.6 million U.S. citizens.

Corporate executives, government investigators, and legal counselors have been postulating that the communication gap exists because it gives the authorities time to catch the bad guys.

This may sound good on paper, but it doesn’t do much for the consumer.

I’m in agreement that the ultimate objective is to catch these thieves and throw the book at them. However, companies are bucking a clear trend: the customer (in this case the consumer) comes first.

Take a closer look at the TJX case.

According to a report in The Boston Globe, a New Bedford, Mass. city employee said $6,700 in charges suddenly appeared on his Visa card in January of 2007. It’s the same credit card he used while shopping at a T.J. Maxx store last December.

Does TJX really think it utilized the right communications strategy by waiting a month to tell this consumer about the breach? If you were this shopper, what would you think about TJX?

Could it be that TJX did not want to announce the breach in December because it would have severely impacted its Christmas sales?

My 30-plus years experience in strategic communications tells me this dynamic must change.

By waiting to tell the consumer about breaches, companies are risking major damage to their reputations and brands and even a substantial drop in sales.

While it’s true that banks and other credit card issuers usually pick up the tab for bogus charges, there is still a huge psychological impact on the consumer. People whose personal data is stolen feel violated.

It may be gradual, but the American public is going to stand up against this behavior and demand to know right away that someone has stolen their financial data. At some point, it seems logical that consumers will organize boycotts against companies that compromise their personal data.

To make matters worse, some companies are making security breach announcements without solid contingency communication plans in place to deal with the fallout.

At the risk of picking on TJX, the company seemed disorganized when the story broke. People complained that they got the run-around from customer service hotlines and the CEO was unavailable for comment.

Finally, after more than two weeks, the company took full-page ads in newspapers saying that it was sorry for the inconvenience to consumers and it was doing everything in its power to correct the problem.

If the company had a good contingency communications plan in place, it would have called for a letter like this to be written within a matter of days. Why wait? It looks like the company is hiding something.

I believe there is an Rx to contain – and even fix – this problem. It involves work on the front end and the back end.

On the front end, organizations holding the data need to build more secure systems to protect consumer information. This will involve more capital spending on encryption, security software, and other various IT tools.

On the back end, state and national political leaders need to introduce legislation that compels companies to notify consumers within five days of a security breach. There will be opposition, but it’s the right thing to do.

Meanwhile, all of us continue to hold our breath until the next security breach is announced…and we wonder if our financial data will be compromised along with our credit standing and privacy.

4 comments:

Anonymous said...

Finally, got what I was looking for!! I definitely enjoying every little bit of it. Glad I stumbled into this article! smile I have you saved to check out new stuff you post..

oakleyses said...

nike free run, ugg boots, longchamp outlet, ray ban sunglasses, prada handbags, prada outlet, nike air max, polo ralph lauren, christian louboutin outlet, cheap oakley sunglasses, nike free, louis vuitton outlet, oakley sunglasses, louis vuitton outlet, nike air max, polo ralph lauren outlet online, gucci handbags, polo outlet, longchamp outlet, replica watches, ugg boots, louboutin pas cher, uggs on sale, burberry pas cher, louis vuitton, oakley sunglasses wholesale, longchamp outlet, sac longchamp pas cher, replica watches, chanel handbags, christian louboutin uk, nike roshe, air max, kate spade outlet, longchamp pas cher, nike outlet, christian louboutin shoes, oakley sunglasses, jordan shoes, louis vuitton, christian louboutin, tiffany and co, michael kors pas cher, louis vuitton outlet, oakley sunglasses, tiffany jewelry, tory burch outlet, ray ban sunglasses

oakleyses said...

polo lacoste, michael kors outlet online, nike air max uk, replica handbags, nike roshe run uk, uggs outlet, coach outlet, michael kors outlet online, sac vanessa bruno, oakley pas cher, ray ban pas cher, nike air max uk, lululemon canada, new balance, nike free uk, north face, nike air force, hogan outlet, kate spade, burberry outlet, mulberry uk, coach purses, true religion jeans, michael kors outlet online, abercrombie and fitch uk, michael kors outlet, hollister uk, converse pas cher, nike blazer pas cher, timberland pas cher, nike tn, true religion outlet, ralph lauren uk, michael kors, guess pas cher, sac hermes, michael kors outlet, ray ban uk, uggs outlet, michael kors outlet online, true religion outlet, coach outlet store online, michael kors, vans pas cher, true religion outlet, hollister pas cher, nike air max, michael kors outlet, north face uk

oakleyses said...

converse outlet, chi flat iron, ray ban, insanity workout, ferragamo shoes, mac cosmetics, herve leger, soccer jerseys, converse, louboutin, north face outlet, asics running shoes, jimmy choo outlet, gucci, ralph lauren, mont blanc pens, soccer shoes, celine handbags, nike trainers uk, beats by dre, vans, bottega veneta, babyliss, nike roshe run, hollister, ghd hair, wedding dresses, giuseppe zanotti outlet, abercrombie and fitch, hermes belt, nike air max, hollister clothing, iphone cases, north face outlet, vans outlet, nfl jerseys, hollister, mcm handbags, valentino shoes, p90x workout, new balance shoes, nike huaraches, timberland boots, instyler, lululemon, nike air max, longchamp uk, baseball bats, reebok outlet, oakley